Path: utzoo!utgpu!news-server.csri.toronto.edu!rutgers!tut.cis.ohio-state.edu!snorkelwacker!spdcc!mirror!necntc!necis!adamm
From: adamm@necis.UUCP (Adam S. Moskowitz)
Newsgroups: comp.unix.questions
Subject: Problems with FTP and null passwords
Message-ID: <1364@necis.UUCP>
Date: 26 Jul 90 16:51:33 GMT
Distribution: usa
Organization: NEC Technologies, Boxborough, MA
Lines: 27

I recently bumped into a known "situation" that I consider to be a short-
coming if not a bug in ftp.

I have several machines on a private network used exclusively for testing.
Since they're just test machines, we don't bother with passwords. However,
ftp doesn't grok null passwords. It seems to me that with a /etc/passwd entry
such as "adamm::5006:. . ." ftp shouldn't even ask for a password. Since it
does, it should be smart enough to recognize the null password the user
gives.

Before I go hacking on the code, is there any reason ftp (or ftpd as the case
may be) shouldn't be changed to (correctly) deal with null passwords?
Assuming the answer is no . . . I've browsed through the source code and
found comments about strcmp having problems dealing with null passwords.
Should I re-write as needed to make this work, or would it be better to hack
ftpd to not require a password where none exists?

Sorry if this has been hashed out before - my net.memory doesn't go back that
far. Also, as usual, replies by email to the address below and I'll summarize
(with code changes if appropriate). Thanx.

AdamM
-- 
"OSI: Same day delivery in a nanosecond world."           | Adam S. Moskowitz
                                                          | adamm@necis.nec.com
                                                          | ...!uunet!harvard!\
Van Jacobson (on a T-shirt)                               |  necntc!necis!adamm